Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3134352e302f32342d3234203d3e2036383439.roa
File: 33372e35322e3134352e302f32342d3234203d3e2036383439.roa (raw, json)
Hash identifier: 7U58razrH9lWz8nb6OtRUzfrTzximUl8IhmX/Em0aZ0=
Subject key identifier: 77:79:D5:D1:68:4C:8A:B8:75:83:3A:77:61:9B:0C:B3:CE:C5:F9:A0
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 4757483B9C8D9B844AA5F7B75A49BCA3B09EF9BE
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3134352e302f32342d3234203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:39:14 +0000
ROA not before: Tue 20 Feb 2024 14:34:14 +0000
ROA not after: Tue 18 Feb 2025 14:39:14 +0000
asID: 6849
IP address blocks: 37.52.145.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:57:48:3b:9c:8d:9b:84:4a:a5:f7:b7:5a:49:bc:a3:b0:9e:f9:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:34:14 2024 GMT
Not After : Feb 18 14:39:14 2025 GMT
Subject: CN=7779D5D1684C8AB875833A77619B0CB3CEC5F9A0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e5:14:24:cf:ec:0b:61:40:0f:2a:c1:a6:08:
ba:aa:75:25:f9:ae:8c:ea:e7:bc:e3:f3:f6:59:f5:
fb:3d:00:fe:f8:5c:44:6e:52:86:d0:03:2a:85:84:
c8:e7:1d:cf:19:49:5a:43:09:56:37:53:66:86:59:
0c:b1:8f:68:28:f2:c7:6c:55:bf:ce:95:53:c1:cb:
ba:64:76:13:f8:a0:94:76:a2:5f:86:a8:6e:0f:cf:
50:20:67:d9:55:a8:ac:e6:f9:c3:91:f1:69:7f:b6:
19:74:74:15:56:2c:ad:cb:ed:48:5f:6b:d9:bd:66:
4c:c9:84:95:85:1f:b1:57:b1:cb:f6:bf:9b:30:b4:
fa:9e:7d:3f:ff:dc:5a:9e:36:a1:de:e8:41:cf:93:
96:66:f8:f7:0a:df:46:d0:c3:7f:41:62:bc:0a:61:
31:00:48:07:e4:31:16:65:34:f0:0f:92:71:84:bc:
3f:d2:81:23:40:94:c1:9b:c2:61:87:52:fb:93:a9:
bc:16:0d:f2:9f:e9:60:a9:d2:89:8d:fe:43:1f:8f:
fe:9e:05:60:4c:f0:ed:87:5c:83:1e:d0:ee:77:d9:
de:27:2a:44:c5:a3:a7:7f:80:93:ac:c3:2d:b3:82:
88:89:b0:8e:4e:1e:c1:34:4c:a0:7a:92:78:da:2d:
54:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:79:D5:D1:68:4C:8A:B8:75:83:3A:77:61:9B:0C:B3:CE:C5:F9:A0
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3134352e302f32342d3234203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.145.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:65:8c:71:f0:14:94:81:35:a5:87:4a:4e:c4:3d:a6:3f:a3:
b9:7b:e9:70:1d:ab:5c:41:15:28:b7:c6:52:62:84:c1:b1:06:
59:28:f4:b1:41:74:22:da:6d:d9:81:ec:9a:89:37:f3:c1:60:
07:66:9b:aa:0b:bc:e8:f7:a8:07:ee:ba:ef:fb:6d:96:26:22:
a7:73:2d:b4:4d:d5:5e:7f:9c:06:3c:f8:6b:e0:f9:40:96:02:
d4:49:d5:01:58:7d:fc:f5:2a:31:3e:23:8f:59:b0:8e:9b:1d:
ca:4a:bd:f1:51:9a:d5:1c:a8:d2:17:7f:76:b8:2a:d0:a4:9c:
ce:03:77:a0:20:c8:80:f3:6e:51:1e:8d:3f:c3:27:a3:53:f0:
03:33:33:5f:52:e9:e0:fd:ea:cd:74:20:98:80:ce:e0:d4:e9:
9d:0c:9f:62:0b:46:ea:4e:39:78:f8:1d:37:ad:60:d1:87:28:
43:51:22:ef:60:96:ff:3a:d7:30:46:8e:bb:87:f2:a9:df:a4:
3c:4c:5d:fb:81:09:26:22:bf:38:4d:8c:62:08:92:d7:14:8d:
38:b1:90:44:97:4c:5f:ae:b1:0e:54:8a:00:1b:6b:a2:2a:29:
27:aa:ae:ef:21:44:8d:49:af:35:8e:08:9f:a9:45:53:50:d4:
59:a3:77:95
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUR1dIO5yNm4RKpfe3Wkm8o7Ce+b4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDM0MTRaFw0yNTAyMTgxNDM5MTRaMDMxMTAvBgNV
BAMTKDc3NzlENUQxNjg0QzhBQjg3NTgzM0E3NzYxOUIwQ0IzQ0VDNUY5QTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDH5RQkz+wLYUAPKsGmCLqqdSX5
rozq57zj8/ZZ9fs9AP74XERuUobQAyqFhMjnHc8ZSVpDCVY3U2aGWQyxj2go8sds
Vb/OlVPBy7pkdhP4oJR2ol+GqG4Pz1AgZ9lVqKzm+cOR8Wl/thl0dBVWLK3L7Uhf
a9m9ZkzJhJWFH7FXscv2v5swtPqefT//3FqeNqHe6EHPk5Zm+PcK30bQw39BYrwK
YTEASAfkMRZlNPAPknGEvD/SgSNAlMGbwmGHUvuTqbwWDfKf6WCp0omN/kMfj/6e
BWBM8O2HXIMe0O532d4nKkTFo6d/gJOswy2zgoiJsI5OHsE0TKB6knjaLVTXAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUd3nV0WhMirh1gzp3YZsMs87F+aAwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzEzNDM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzODM0Mzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAlNJEw
DQYJKoZIhvcNAQELBQADggEBAGtljHHwFJSBNaWHSk7EPaY/o7l76XAdq1xBFSi3
xlJihMGxBlko9LFBdCLabdmB7JqJN/PBYAdmm6oLvOj3qAfuuu/7bZYmIqdzLbRN
1V5/nAY8+Gvg+UCWAtRJ1QFYffz1KjE+I49ZsI6bHcpKvfFRmtUcqNIXf3a4KtCk
nM4Dd6AgyIDzblEejT/DJ6NT8AMzM19S6eD96s10IJiAzuDU6Z0Mn2ILRupOOXj4
HTetYNGHKENRIu9glv861zBGjruH8qnfpDxMXfuBCSYivzhNjGIIktcUjTixkESX
TF+usQ5UigAba6IqKSeqru8hRI1JrzWOCJ+pRVNQ1Fmjd5U=
-----END CERTIFICATE-----
Generated at Fri Feb 23 13:38:38 2024 by rpki-client on console-ams.rpki-client.org